Blog Post

Consumer Privacy Advocates Seek Search Engine Solution

Posted by

Thu, Feb 19, 2009 at 11:46 am

    one knows more about us—our ailments, significant others, favorite
    music, what we’re thinking about buying, and how much we spend—than our
    search engines. However, this is stuff we probably wouldn’t choose to
    share with a multimillion dollar web company. Every major search engine
    in the world, however, retains every search query ever typed into its
    field, and privacy advocates are calling for search engines to change
    their ways.

    Virtually all search engines gather information about
    how searchers query, what they click, and where they wind up. This
    personal information (i.e., IP addresses, cookies, session IDs) is
    stored alongside queries for anywhere between 90 days and forever.

    think most users simply don’t realize the amount of personal
    information they provide," says John M. Simpson, a consumer policy
    advocate with the nonprofit group Consumer Watchdog. While most of the
    data is used for behavioral targeting or performance improvement, it
    can also be accessed by legal authorities with a subpoena. In 2006, AOL
    accidentally released search query information for 500,000 users.
    Police have used search engine queries against defendants in hacking
    and murder cases (based on queries such as "how to commit murder" and
    "undetectable poisons").

    During a Q&A session with Google CEO
    Eric Schmidt at a New America Foundation speech in Washington, D.C.,
    Simpson asked the "king" of consumer search engines what the company
    was planning to do about privacy concerns repeatedly expressed by
    Consumer Watchdog. Schmidt responded that he was "sympathetic" to
    security concerns, but he remained noncommittal about future privacy

    Google seems to be taking a backseat and waiting to see
    how successful other search engines’ solutions turn out before taking
    action. Currently, all search information is stored on Google’s servers
    for 9 months. After it expires, Google deletes the final eight digits
    of the user’s IP address and hides cookies and session IDs.

    not the only company taking a wait-and-see approach: Microsoft has said
    it would consider making changes if its competitors did. Microsoft’s
    Live Search feature currently keeps search logs for 18 months before
    fully deleting IP addresses and other identifying information.

    who’s blazing the way? Search solution providers and Yahoo!
    have both recently thrown down the gauntlet by stepping up search
    privacy protections in very different ways.’s AskEraser tool
    debuted in December 2007. When activated, the AskEraser "erases"
    personal information, such as user and session ID cookies, search
    queries, and IP addresses, usually within hours. The AskEraser works on
    any search field.

    Yahoo!’s approach to search anonymity
    is more subtle. Rather than giving users opt-out power, Yahoo! has
    committed to a complex anonymization process that continues collecting
    query data while disassociating specific users from requests. After 90
    days in Yahoo!’s cache, the final octet of every IP address is deleted,
    the Yahoo! ID and cookie information are one-way secret hashed (a
    process that condenses and scrambles file data), and search queries are
    filtered to remove any personally identifiable information (such as a
    social security number).

    According to Anne Toth, Yahoo!’s VP of
    privacy policy, "We are dramatically increasing the scope of data
    covered under our anonymization process. In addition to search log
    files, our new policy applies to ad views, ad clicks, page views, and
    page clicks for all our products and services on a global basis, which
    encompasses all our log file systems. … We structured our policy to
    ensure that Yahoo! continues to utilize data to create cutting-edge
    technology, product innovation, and advertising solutions, while
    strengthening consumer privacy protection."

    Simpson isn’t so sure
    that Yahoo!’s protections are enough. "[It’s] a step in the right
    direction, but it doesn’t go far enough," says Simpson. "In the best of
    all worlds, the default mode would be to not share information with
    Google’s servers. Users would have the option to do so if they wished.
    Failing that, a prominent button on the homepage that said, ‘Make me
    anonymous,’ and that did so, would work."

    While he
    praised and Yahoo! for taking steps, Simpson believes all eyes
    are on Google. With 63% of all U.S. search traffic flowing through
    Google, Simpson hopes they’ll be the next search engine to take steps
    toward more secure search. "We are working to get them to change their
    policies so that the rest of the industry will follow suit," he says.
    "They have the opportunity to live up to their ‘Don’t be evil’ motto
    and set the gold standard for privacy for the entire internet."


    , , ,

    This post was written by:

    Fatal error: Call to undefined function userphoto_the_author_photo() in /home/insidego/public_html/wp-content/themes/freshnews/single.php on line 97